How to deploy a Bitwarden server with Docker

2 years ago 399

Are you looking to deploy an in-house password manager server? Jack Wallen shows you however with Bitwarden and Docker.

Bitwarden is 1 of my favourite password managers. But if you're earnestly acrophobic astir information and would alternatively not prevention your password database connected a third-party server, you mightiness privation to see deploying your ain Bitwarden server.

That mightiness dependable similar a superior situation but, acknowledgment to Docker, it's really rather simple. I'm going to amusement you however to bash conscionable that.

SEE: Password breach: Why popular civilization and passwords don't premix (free PDF) (TechRepublic)

What you'll request

The lone things you'll request to marque this hap are a server that supports Docker and a idiosyncratic with sudo privileges. I'm going to beryllium demonstrating connected Ubuntu Server 20.04.

Ready? Okay.

How to instal Docker

On the disconnected accidental you don't person Docker installed, let's bash truthful now. We'll beryllium utilizing Docker Compose, truthful there's much to the installation than usual.

First, instal the indispensable dependencies with:

sudo apt instal apt-transport-https ca-certificates curl gnupg-agent software-properties-common -y

Next, adhd the Docker GPG cardinal with:

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key adhd -

Note: The supra method of adding a cardinal is deprecated but inactive works.

Add the close repository:

sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

Update apt and instal with the following:

sudo apt update sudo apt instal docker-ce docker-ce-cli containerd.io docker-compose

How to make the Bitwarden idiosyncratic

To beryllium safe, we're going to tally each of this with a circumstantial user. First, we'll make a directory for the idiosyncratic with:

sudo mkdir /opt/bitwarden

Create the idiosyncratic with:

sudo adduser bitwarden

Give the recently created directory the due support and ownership with:

sudo chmod -R 700 /opt/bitwarden sudo chown -R bitwarden:bitwarden /opt/bitwarden

Add the bitwarden idiosyncratic to the docker radical with:

sudo usermod -aG docker bitwarden

Change to the bitwarden idiosyncratic with:

su bitwarden

How to download the installer publication and deploy Bitwarden

Download the useful installer publication with:

curl -Lso bitwarden.sh https://go.btwrdn.co/bw-sh && chmod 700 bitwarden.sh

Before we tally the installer script, marque definite you don't person a web server already moving (because Bitwarden is going to tally connected larboard 80 and it won't commencement if that larboard is already taken). Kill Apache with:

sudo systemctl halt apache2

If this is simply a Red Hat-based machine, that bid would be:

sudo systemctl halt httpd

If you're utilizing NGINX, halt it with the command:

sudo systemctl halt nginx

Run the installer with:

./bitwarden.sh install

You volition beryllium asked for an FQDN. If you don't program connected accessing Bitwarden from extracurricular your LAN, you tin ever conscionable usage an IP code for that.

This volition instrumentality immoderate clip for each of the containers to propulsion and deploy.

Next, we request to configure the SMTP server that Bitwarden volition use. After the deployment completes, unfastened the configuration record with:

nano ~/bwdata/env/global.override.env

In that file, hunt for and configure the pursuing sections, utilizing an disposable SMTP server (I utilized Google's):

globalSettings__mail__smtp__host=REPLACE globalSettings__mail__smtp__port=REPLACE globalSettings__mail__smtp__ssl=REPLACE globalSettings__mail__smtp__username=REPLACE globalSettings__mail__smtp__password=REPLACE adminSettings__admins= ADMIN_EMAIL

Make definite to regenerate each lawsuit of REPLACE with your SMTP server settings and ADMIN_EMAIL with an email code for the admin user. Save and adjacent the file.

Finally, commencement the Bitwarden server with:

./bitwarden.sh start

How to entree your Bitwarden server

Open a web browser and constituent it to https://SERVER (where SERVER is the IP code oregon domain of the instrumentality hosting your Bitwarden server). You should beryllium presented with the Bitwarden web UI (Figure A).

Figure A

Click Create Account to make your Bitwarden account. Once you've created it, log successful with the credentials and you tin commencement utilizing your Bitwarden server to location your passwords … each of which volition stay connected your ain hardware.

Cybersecurity Insider Newsletter

Strengthen your organization's IT information defenses by keeping abreast of the latest cybersecurity news, solutions, and champion practices. Delivered Tuesdays and Thursdays